This resource is no longer available

The concept of corporate compliance is straightforward. A company either complies with regulatory requirements, or it does not. And if it does not comply, the organization risks incurring fines and penalties from regulatory bodies, which could not only negatively impact bottom-line profitability, but also corporate image – leading to further loss in company valuation/market capital.

But the subject of risk becomes more ambiguous to the eyes of many executives. How does one quantify an event that may or may not occur? And how do executives justify budgeting and spending on Governance, Risk, and Compliance (GRC) management when the Return on Investment (ROI) story is not clear?Aberdeen’s March 2012 GRC survey showed that executives are viewing effective compliance and risk management as opportunities for corporate growth.

It can be tempting to stray from the security roadmap security professionals have put in place when data breaches like the Sony and Anthem breaches are all over the news. But experts say it's crucial to stick to the security basics.